All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please mail to content@vulners.com Vulners, 2018

{"mscve": [{"lastseen": "2020-04-22T10:26:26", "bulletinFamily": "microsoft", "description": "A remote code execution vulnerability exists in Application Inspector version\nv1.0.23 or earlier when the tool reflects example code snippets from third-\nparty source files into its HTML output. An attacker who exploited it could\nsend sections of the report containing code snippets to an external server.\n\nTo exploit the vulnerability, an attacker needs to convince a user to run\nApplication Inspector on source code that includes a malicious third-party\ncomponent.\n\nThe update addresses the vulnerability by adding output encoding to the HTML\nreport blocking an attacker\u2019s ability to initiate a JavaScript action.\n\nAdditional details can be found in the [Application Inspector project on\nGitHub](https://github.com/microsoft/ApplicationInspector/issues/108).\n\n", "modified": "2020-03-10T07:00:00", "published": "2020-03-10T07:00:00", "id": "MS:CVE-2020-0872", "href": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0872", "title": "Remote Code Execution Vulnerability in Application Inspector", "type": "mscve", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "krebs": [{"lastseen": "2020-03-17T19:36:23", "bulletinFamily": "blog", "description": "**Microsoft Corp.** today released updates to plug more than 100 security holes in its various **Windows** operating systems and associated software. If you (ab)use Windows, please take a moment to read this post, backup your system(s), and patch your PCs.\n\nAll told![](https://krebsonsecurity.com/wp-content/uploads/2014/07/brokenwindows.png), this patch batch addresses at least 115 security flaws. Twenty-six of those earned Microsoft's most-dire \"critical\" rating, meaning malware or miscreants could exploit them to gain complete, remote control over vulnerable computers without any help from users.\n\nGiven the sheer number of fixes, mercifully there are no [zero-day bugs](<https://en.wikipedia.org/wiki/Zero-day_\\(computing\\)>) to address, nor were any of them detailed publicly prior to today. Also, there were no security patches released by **Adobe** today. But there are a few eyebrow-raising Windows vulnerabilities worthy of attention.\n\n**Recorded Future** warns exploit code is now available for one of the critical bugs Redmond patched last month in **Microsoft Exchange** ([CVE-2020-0688](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688>)), and that nation state actors have been observed abusing the exploit for targeted attacks.\n\nOne flaw fixed this month in **Microsoft Word** ([CVE-2020-0852](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0852>)) could be exploited to execute malicious code on a Windows system just by getting the user to load an email containing a booby-trapped document in the **Microsoft Outlook** preview pane. CVE-2020-0852 is one just four remote execution flaws Microsoft patched this month in versions of Word.\n\nOne somewhat ironic weakness fixed today ([CVE-2020-0872](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0872>)) resides in a new component Microsoft debuted this year called [Application Inspector](<https://www.microsoft.com/security/blog/2020/01/16/introducing-microsoft-application-inspector/>), a source code analyzer designed to help Windows developers identify \"interesting\" or risky features in open source software (such as the use of cryptography, connections made to a remote entity, etc).\n\nMicrosoft said this flaw can be exploited if a user runs Application Inspector on a hacked or booby-trapped program. Whoops. **Animesh Jain** from security vendor **Qualys** [says](<https://blog.qualys.com/laws-of-vulnerabilities/2020/03/10/march-2020-patch-tuesday-115-vulns-26-critical-microsoft-word-and-workstation-patches>) this patch should be prioritized, despite being labeled as less severe (\"important\" versus \"critical\") by Microsoft.\n\nFor enterprises, Qualys recommends prioritizing the patching of desktop endpoints over servers this month, noting that most of the other critical bugs patched today are prevalent on workstation-type devices. Those include a number of flaws that can be exploited simply by convincing a Windows user to browse to a malicious or hacked Web site.\n\nWhile many of the vulnerabilities fixed in today's patch batch affect Windows 7 operating systems, this OS is no longer being supported with security updates (unless you\u2019re an enterprise taking advantage of Microsoft\u2019s [paid extended security updates program](<https://support.microsoft.com/en-us/help/4527878/faq-about-extended-security-updates-for-windows-7>), which is available to Windows 7 Professional and Windows 7 enterprise users).\n\nIf you rely on Windows 7 for day-to-day use, it\u2019s probably time to think about upgrading to something newer. That might be a computer with Windows 10. Or maybe you have always wanted that shiny MacOS computer.\n\nIf cost is a primary motivator and the user you have in mind doesn\u2019t do much with the system other than browsing the Web, perhaps a **Chromebook** or an older machine with a recent version of **Linux** is the answer (Ubuntu may be easiest for non-Linux natives). Whichever system you choose, it\u2019s important to pick one that fits the owner\u2019s needs and provides security updates on an ongoing basis.\n\nKeep in mind that while staying up-to-date on Windows patches is a must, it\u2019s important to make sure you\u2019re updating only after you\u2019ve backed up your important data and files. A reliable backup means you\u2019re not losing your mind when the odd buggy patch causes problems booting the system.\n\nSo do yourself a favor and backup your files before installing any patches. Windows 10 even has [some built-in tools](<https://lifehacker.com/how-to-back-up-your-computer-automatically-with-windows-1762867473>) to help you do that, either on a per-file/folder basis or by making a complete and bootable copy of your hard drive all at once.\n\nAs always, if you experience glitches or problems installing any of these patches this month, please consider leaving a comment about it below; there\u2019s a better-than-even chance other readers have experienced the same and may chime in here with some helpful tips. Also, keep an eye on the [AskWoody blog](<https://www.askwoody.com/2020/february-2020-patch-tuesday-foibles/>) from **Woody Leonhard**, who keeps a close eye on buggy Microsoft updates each month.\n\n**Update, 7:50 p.m.:** Microsoft has released [an advisory](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200005>) about a remote code execution vulnerability in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. Critical SMB (Windows file-sharing) flaws are dangerous because they are typically \"wormable,\" in that they can spread rapidly to vulnerable systems across an internal network with little to no human interaction.\n\n\"To exploit the vulnerability against an SMB Server, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv3 Server,\" Microsoft warned. \"To exploit the vulnerability against an SMB Client, an unauthenticated attacker would need to configure a malicious SMBv3 Server and convince a user to connect to it.\"\n\nMicrosoft's advisory says the flaw is neither publicly disclosed nor exploited at the moment. It includes a workaround to mitigate the flaw in file-sharing servers, but says the workaround does not prevent the exploitation of clients.", "modified": "2020-03-10T23:44:29", "published": "2020-03-10T23:44:29", "id": "KREBS:9D9C58DB5C5495B10D2EBDB92549B0F2", "href": "https://krebsonsecurity.com/2020/03/microsoft-patch-tuesday-march-2020-edition/", "type": "krebs", "title": "Microsoft Patch Tuesday, March 2020 Edition", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "qualysblog": [{"lastseen": "2020-03-17T19:36:24", "bulletinFamily": "blog", "description": "This month\u2019s Microsoft Patch Tuesday addresses 115 vulnerabilities with 26 of them labeled as Critical. Of the 26 Critical vulns, 17 are for browser and scripting engines, 4 are for Media Foundation, 2 are for GDI+ and the remaining 3 are for LNK files, Microsoft Word and Dynamics Business. Microsoft also issued a patch for an RCE in Microsoft Word. Adobe has not posted any patches for Patch Tuesday.\n\nOn the basis of volume and severity this Patch Tuesday is heavy in weight.\n\nSee [details of the new detections](<https://www.qualys.com/research/security-alerts/2020-03-10/microsoft/>), including description, consequence and solution.\n\n### Workstation Patches\n\nThe Scripting Engine, LNK files ([CVE-2020-0684](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0684>)), GDI+([CVE-2020-0831, ](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0831>)[CVE-2020-0883](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0883>)) and Media Foundation (CVE-2020-0801, CVE-2020-0809, CVE-2020-0807, CVE-2020-0869) patches should be prioritized for workstation-type devices, meaning any system that is used for email or to access the internet via a browser. This includes multi-user servers that are used as remote desktops for users.\n\n### Microsoft Word RCE\n\nA Remote Code Execution vulnerability ([CVE-2020-0852](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0852>)) in Microsoft Word is also covered in today\u2019s patch release. An attacker could exploit the vulnerability using a specially crafted file to perform actions on behalf of the logged-in user with the same permissions as the current user.\n\n### Application Inspector RCE\n\nMicrosoft has also fixed a Remote Code Execution vulnerability ([CVE-2020-0872](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-0872>)) in Application Inspector. This vulnerability can allow an attacker to execute their code on a target system if they can convince a user to run Application Inspector on code that includes a specially crafted third-party component. This patch should be prioritized, despite being labeled as \u201cImportant\u201d by Microsoft.\n\n### Dynamics Business Central RCE\n\nDynamics Business Central client is affected by a Remote Code Execution vulnerability ( [CVE-2020-0905](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0905>)) that could allow attackers to execute arbitrary shell commands on a target system. While this vulnerability is labeled as \u201cExploitation Less Likely,\u201d considering the target is likely a critical server, this should be prioritized across all Windows servers and workstations.\n\nThere are no Adobe patches released for this Month's Patch Tuesday.\n\n**Update March 11, 2020**: See [Microsoft Windows SMBv3 Remote Code Execution Vulnerability (CVE-2020-0796)](<https://blog.qualys.com/laws-of-vulnerabilities/2020/03/11/microsoft-windows-smbv3-remote-code-execution-vulnerability-cve-2020-0796>)", "modified": "2020-03-10T19:07:42", "published": "2020-03-10T19:07:42", "id": "QUALYSBLOG:9B7C3806B8C67809B298463FBE31A0A4", "href": "https://blog.qualys.com/laws-of-vulnerabilities/2020/03/10/march-2020-patch-tuesday-115-vulns-26-critical-microsoft-word-and-workstation-patches", "type": "qualysblog", "title": "March 2020 Patch Tuesday \u2013 115 Vulns, 26 Critical, Microsoft Word and Workstation Patches", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}